[Cryptography] Formal definition of lightweight crypto

Jon Callas jon at callas.org
Sat Jan 2 01:33:43 EST 2016


Let me give an informal definition. Lightweight crypto is weak crypto that is still useful.

Let me handwave at an example. Suppose I was making a commodity in a factory — cosmetics, liquor, etc. — and you want to put an authenticity mark on the container. Imagine it either being an RFID or optical like a QR code, and it testifies that this product was made in batch 123, on date D, and this is all backed with a seal that you can check over the web to find out it's a legitimate good, not a counterfeit.

Now let us suppose that we construct a cryptographic puzzle as certification. It could be a MAC, a digital signature, some zero-knowledge whatever, and we all agree that someone can forge one of these for about $10,000 worth of compute time bought from a cloud provider, and cracked in about four hours. But it provides the authenticity seal for a $100 bottle of liquor or cosmetics. One could argue that while this digital seal might have an equivalence of only 50-60 bits of crypto, it's still reasonable to be an authenticity mark for its intended use.

You wouldn't want to use it for securing a protected disk, or a communications link, or a contract, but as the special case of showing authenticity of a product, sure it works.

This is the idea of lightweight crypto. It is doing something useful — an authenticity seal that might otherwise be done by a plastic hologram seal or whatever — but it's not something that will keep a government out. It's just more expensive to make a counterfeit seal than the product is worth.

That's kinda the idea. Weak, and yet still useful. And more importantly it can be run on very cheap hardware as well.

	Jon


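One way to build the kind of seal the post describes, as an added example that is not part of the original message: an HMAC-SHA256 tag truncated to 56 bits over the batch and date, printed on the label and checked by the manufacturer's verification service. The 56-bit tag length (picked from the post's "50-60 bits" range), the `batch|date|seal` label layout, the function names and the sample key are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac

TAG_BITS = 56            # assumption: a value inside the post's "50-60 bits"
TAG_LEN = TAG_BITS // 8  # 7 bytes, which is 12 base32 characters on the label


def _canonical(batch: str, date: str) -> bytes:
    # Length-prefix each field so ("12", "3x") and ("123", "x") never
    # produce the same MAC input.
    fields = [batch.encode("utf-8"), date.encode("utf-8")]
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def _tag(key: bytes, batch: str, date: str) -> bytes:
    full = hmac.new(key, _canonical(batch, date), hashlib.sha256).digest()
    return full[:TAG_LEN]  # truncation is what makes the seal "lightweight"


def make_label(key: bytes, batch: str, date: str) -> str:
    """Return the text to encode in the QR code or RFID tag."""
    if "|" in batch or "|" in date:
        raise ValueError("field separator not allowed inside a field")
    seal = base64.b32encode(_tag(key, batch, date)).decode("ascii").rstrip("=")
    return f"{batch}|{date}|{seal}"


def verify_label(key: bytes, label: str) -> bool:
    """Server-side check: True only if the seal matches batch and date."""
    parts = label.split("|")
    if len(parts) != 3:
        return False
    batch, date, seal = parts
    try:
        presented = base64.b32decode(seal + "=" * (-len(seal) % 8))
    except ValueError:  # covers binascii.Error and non-ASCII input
        return False
    if len(presented) != TAG_LEN:
        return False
    # Constant-time comparison so the verifier does not leak tag bytes.
    return hmac.compare_digest(presented, _tag(key, batch, date))


if __name__ == "__main__":
    demo_key = b"constructed-demo-key-not-for-use"  # constructed sample key
    label = make_label(demo_key, "123", "2016-01-02")
    print(label, verify_label(demo_key, label))
```

The key stays with the verification service; the label carries only the fields and the short tag, which is why it fits on cheap tags and in small QR codes.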

